Vulnerability Description
Lyris ListManager 8.95 allows remote authenticated users, who have administrative privileges for at least one list on the server, to add new administrators to any list via a modified MEMBERS_.List_ parameter.
CVSS Score
6.5
MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lyris | List Manager | 8.95 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0817.html
- http://secunia.com/advisories/21698
- http://securityreason.com/securityalert/1502
- http://securitytracker.com/id?1016771
- http://www.securityfocus.com/archive/1/444844/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28679
- http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0817.html
- http://secunia.com/advisories/21698
- http://securityreason.com/securityalert/1502
- http://securitytracker.com/id?1016771
- http://www.securityfocus.com/archive/1/444844/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28679
FAQ
What is CVE-2006-4546?
CVE-2006-4546 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Lyris ListManager 8.95 allows remote authenticated users, who have administrative privileges for at least one list on the server, to add new administrators to any list via a modified MEMBERS_.List_ pa...
How severe is CVE-2006-4546?
CVE-2006-4546 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4546?
Check the references section above for vendor advisories and patch information. Affected products include: Lyris List Manager.